Increased security through ephemeral keys for software virtual contactless card in a mobile phone

Abstract

A Trusted Application (TA) on a mobile device is allowed to perform a transaction with a reader device by: obtaining a transient identifier (IDn) for the mobile device by combining a hardware-related component, such as a unique identifier (UID) of an integrated circuit, with a software-related component, such as a time stamp; emitting the IDn to a provisioning server; calculating, using the master key (MK) on the server and the IDn, a transient derived key (DKn); and sending the DKn from the server to the mobile device, which allows the TA to securely communicate with a reader during a time interval. Also described is allowing a TA to securely communicate using Near Field Communication (NFC) secured by symmetric cryptography, comprising: obtaining an IDn as above and transmitting it to a server; calculating a DKn as above and sending it from the server to the mobile device; sending the IDn to the reader device, which checks its validity by reviewing the software-related component; and, if valid, calculating the DKn in the reader device using the MK and the IDn and using it to send an encrypted message to the mobile device; the message is decrypted to authenticate the mobile device and, if successful, secure reader-mobile communications are allowed.
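The derivation and the reader-side validity check described in the abstract, as an added example (not code from the patent). HMAC-SHA256 stands in for the unspecified key derivation, an HMAC challenge-response stands in for the encrypted-message authentication step, and the 300-second window, the IDn byte layout, the function names and the sample key and UID are assumptions.

```python
import hashlib
import hmac
import os
import struct

MAX_AGE_S = 300  # assumed validity window; the abstract only says "a time interval"

def make_idn(uid: bytes, ts: int) -> bytes:
    """IDn = hardware component (chip UID) || software component (time stamp)."""
    return bytes([len(uid)]) + uid + struct.pack(">Q", ts)

def derive_dkn(mk: bytes, idn: bytes) -> bytes:
    """DKn from MK and IDn. HMAC-SHA256 is an assumed KDF, not the patent's."""
    return hmac.new(mk, b"DKn" + idn, hashlib.sha256).digest()

def reader_check_idn(idn: bytes, now: int) -> bool:
    """Reader reviews the time stamp inside IDn before deriving anything."""
    if len(idn) < 1 or len(idn) != 1 + idn[0] + 8:
        return False  # malformed IDn
    (ts,) = struct.unpack(">Q", idn[-8:])
    return 0 <= now - ts <= MAX_AGE_S  # rejects expired and future-dated IDn

def mobile_responder(dkn: bytes):
    """TA side: proves possession of DKn (stand-in for decrypting the message)."""
    return lambda challenge: hmac.new(dkn, challenge, hashlib.sha256).digest()

def reader_authenticate(mk: bytes, idn: bytes, now: int, respond) -> bool:
    """Reader holds MK: validate IDn, re-derive DKn, challenge the mobile."""
    if not reader_check_idn(idn, now):
        return False
    dkn = derive_dkn(mk, idn)
    challenge = os.urandom(16)
    expected = hmac.new(dkn, challenge, hashlib.sha256).digest()
    return hmac.compare_digest(expected, respond(challenge))

def demo():
    mk = bytes(range(32))                  # constructed master key
    uid = bytes.fromhex("04a1b2c3d4e5f6")  # constructed 7-byte UID
    t0 = 1_700_000_000                     # constructed time stamp
    idn = make_idn(uid, t0)
    dkn = derive_dkn(mk, idn)              # provisioning server -> mobile TA
    ta = mobile_responder(dkn)
    fresh = reader_authenticate(mk, idn, t0 + 60, ta)
    expired = reader_authenticate(mk, idn, t0 + MAX_AGE_S + 1, ta)
    # A copied DKn presented with a re-stamped IDn fails: the reader derives a new key.
    restamped = reader_authenticate(mk, make_idn(uid, t0 + 10_000), t0 + 10_000, ta)
    return fresh, expired, restamped

if __name__ == "__main__":
    print(demo())
```

Because the time stamp is an input to the derivation, a DKn copied out of the phone cannot be paired with a newer IDn; its usefulness ends with the reader's validity window.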